<?php
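/**
 * Back-office controller for administrator accounts: list, view and change
 * permissions, enable/disable, delete and create.
 *
 * Every action calls checkUser() first. The actions rely on the framework's
 * redirect()/error()/success() helpers ending the request, which this file
 * does not show. NOTE(review): confirm that for the framework version in use,
 * otherwise a denied request would keep executing the action body.
 */
class AdminAction extends Action{
    /**
     * Require a logged-in administrator and, optionally, one permission code.
     *
     * @param string $level Permission code such as '1_5_1'; an empty value only
     *                      checks that an administrator session exists.
     * @return void
     */
    public function checkUser($level){
        if(empty($_SESSION['aid'])){
            $this->redirect('/Admin/Index/login');
            return; // fail closed for this method even if redirect() returns
        }
        if(empty($level)) return;
        // A missing or malformed permission list is treated as "no permissions".
        $granted = (isset($_SESSION['levels']) && is_array($_SESSION['levels'])) ? $_SESSION['levels'] : array();
        // Strict comparison: with loose in_array() a stored integer 1 or boolean
        // true would match any code that starts with "1" on older PHP versions.
        // NOTE(review): assumes the session stores the codes as strings.
        if(!in_array($level, $granted, true)) $this->error('您没有此权限!.');
    }

    /**
     * List all administrator accounts.
     *
     * @return void
     */
    public function index(){
        $this->checkUser('1_5_1');
        $data = M('Admin');
        // NOTE(review): select() without field() hands every column to the
        // template, including the password column written by check(). Restrict
        // the field list once the columns the template needs are known.
        $list = $data->select();
        $this->assign('list',$list);
        $this->display();
    }

    /**
     * Show one administrator with its permission codes expanded for checkboxes.
     *
     * Reads the record id from $_GET['id'].
     *
     * @return void
     */
    public function detail(){
        $this->checkUser('1_5_2');
        $id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
        $data = M('Admin');
        $list = $data->where(array('id' => $id))->field('id,username,level')->find();
        if(empty($list)){
            // Unknown id: stop instead of rendering a form built from a null row.
            $this->error('操作失败!请重试!');
            return;
        }
        $codes = explode(',', (string)$list['level']);
        $list['level'] = array();
        foreach($codes as $v){
            // An empty level column explodes to one empty string; skip it.
            if($v !== '') $list['level'][$v] = 'checked';
        }
        $this->assign('list',$list);
        $this->display();
    }

    /**
     * Replace the permission codes of one administrator.
     *
     * Reads $_POST['id'] and $_POST['level'] (array of permission codes).
     *
     * NOTE(review): state() and del() refuse to touch rows flagged `admin`;
     * this action has no such guard, and any holder of '1_5_2' can assign any
     * code to any account, including their own. Confirm that is intended.
     *
     * @return void
     */
    public function amend(){
        $this->checkUser('1_5_2');
        $data = M('Admin');
        $id = isset($_POST['id']) ? (int)$_POST['id'] : 0;
        $target = $data->where(array('id' => $id))->find();
        if(empty($target)){
            $this->error('管理员权限变更失败!重试一下吧.');
            return;
        }
        // No checkbox ticked means the key is absent: store an empty list
        // rather than passing a non-array to implode().
        $submitted = (isset($_POST['level']) && is_array($_POST['level'])) ? $_POST['level'] : array();
        $codes = array();
        foreach($submitted as $code){
            if(!is_scalar($code)) continue;
            $code = trim((string)$code);
            // Keep only identifier-like codes so one value cannot carry the
            // ',' delimiter or other unexpected characters into the column.
            // NOTE(review): pattern inferred from '1_5_1'/'1_5_2'; widen it if
            // other code formats exist.
            if($code !== '' && preg_match('/^[A-Za-z0-9_]+\z/', $code)) $codes[$code] = true;
        }
        $list = array(
            'id'    => $id,
            'level' => implode(',', array_keys($codes)),
        );
        if($data->save($list)) $this->success('管理员权限变更成功!');
        else $this->error('管理员权限变更失败!重试一下吧.');
    }

    /**
     * Enable or disable login for one administrator.
     *
     * Reads $_GET['id'] and $_GET['state'].
     *
     * NOTE(review): this changes data on a GET request and no anti-forgery
     * token is checked in this file, so a cross-site request made in a logged-in
     * administrator's browser would be accepted. Prefer POST plus a token.
     *
     * @return void
     */
    public function state(){
        $this->checkUser('1_5_2');
        $data = M('Admin');
        $id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
        $target = $data->where(array('id' => $id))->find();
        if(empty($target)){
            $this->error('操作失败!请重试!');
            return;
        }
        if(!empty($target['admin'])){
            $this->error('超级管理员不能被禁止登录,包括自己!');
            return;
        }
        $list = array(
            'id'    => $id,
            'state' => isset($_GET['state']) ? (int)$_GET['state'] : 0,
        );
        if($data->save($list)) $this->success('操作成功!');
        else $this->error('操作失败!请重试!');
    }

    /**
     * Delete one administrator account.
     *
     * Reads $_GET['id'].
     *
     * NOTE(review): destructive action on a GET request with no anti-forgery
     * token checked in this file; prefer POST plus a token.
     *
     * @return void
     */
    public function del(){
        $this->checkUser('1_5_2');
        $data = M('Admin');
        $id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
        $target = $data->where(array('id' => $id))->find();
        if(empty($target)){
            $this->error('操作失败!请重试!');
            return;
        }
        if(!empty($target['admin'])){
            $this->error('超级管理员不能被删除,包括自己!');
            return;
        }
        if($data->where(array('id' => $id))->delete()) $this->success('操作成功!');
        else $this->error('操作失败!请重试!');
    }

    /**
     * Render the "new administrator" form.
     *
     * @return void
     */
    public function add(){
        $this->checkUser('1_5_2');
        $this->display();
    }

    /**
     * Create an administrator from the submitted form.
     *
     * Reads username, newpass, password and email from $_POST.
     *
     * @return void
     */
    public function check(){
        $this->checkUser('1_5_2');
        $username = $this->postText('username');
        $newpass  = $this->postText('newpass');
        $password = $this->postText('password');
        $email    = $this->postText('email');
        if(empty($username)){
            $this->error('管理员名称不能为空的');
            return;
        }
        // Strict comparison: with != two different numeric-looking strings
        // (for example '1e3' and '1000') compare equal, so a mistyped
        // confirmation could be accepted.
        if(empty($newpass) || $newpass !== $password){
            $this->error('两次密码不一致，请重新输入!');
            return;
        }
        $list = array(
            'username' => $username,
            'email'    => $email,
            // NOTE(review): unsalted MD5 is not a password hash and is cheap to
            // brute-force if the table leaks. Kept so existing logins keep
            // working; migrate to password_hash()/password_verify() together
            // with the login code that checks this column (not visible here).
            'password' => md5($password),
            'lasttime' => $_SERVER['REQUEST_TIME'],
            'lastip'   => ip2long(get_client_ip()),
            'state'    => '1',
        );
        $data = M('Admin');
        if(!$data->add($list)){
            $this->error('添加失败!请重试!');
            return;
        }
        $this->assign('jumpUrl','__URL__/index');
        $this->success('添加成功!记得给该他分配权限喔!');
    }

    /**
     * Read one POST field as a trimmed string.
     *
     * @param string $key Field name in $_POST.
     * @return string Trimmed value, or '' when the field is missing or is not
     *                a scalar (for example an array sent as field[]=x).
     */
    private function postText($key){
        if(!isset($_POST[$key]) || !is_scalar($_POST[$key])) return '';
        return trim((string)$_POST[$key]);
    }
}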
?>